Data protection board briefing

The following Risk & Compliance precedent provides comprehensive and up-to-date legal information covering:

  • Data protection board briefing

Date: [insert date]

    1. Introduction

      As our [insert appropriate term, eg senior management team or board], it is important for you to understand how data protection law affects [insert organisation name], why it is so important and what we need to do to ensure [insert organisation name]’s compliance. This briefing sets out the key elements of the UK General Data Protection Regulation (UK GDPR) and what we have done to ensure we comply.

      If any of the terms in this briefing are unfamiliar, please refer to our [insert name of document, eg detailed board briefing or cheat sheet].

      1.1 Does the UK GDPR apply to [insert organisation name]?

        It is virtually impossible to operate any business without handling personal data, so it is safe to assume that [insert organisation name] is caught by the UK GDPR.

        Failure to comply with the UK GDPR could have serious implications for [insert organisation name]’s reputation, attract claims by aggrieved data subjects and expose us to fines of up to £17.5m or 4% of total worldwide annual turnover.

    2. Data protection officer

      It is not compulsory for all commercial organisations to appoint a Data Protection Officer (DPO). This is only required where the core activities of an organisation exceed certain thresholds.

      We [have considered OR will consider] whether it is necessary or desirable for [insert organisation name] to appoint a DPO. [Insert the status